Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Redirect and General Garbage

Started by StonerMonkey , Apr 04 2011 01:53 PM

  • Please log in to reply

#1
StonerMonkey
Posted 04 April 2011 - 01:53 PM

StonerMonkey

    New Member

  • Member
  • Pip
  • 2 posts
First of all something that's been happening for a while now is an occasional (ie not constant, seemingly random) redirect to a blah-blah-fastbrowsersearch.com-somethingerother page.

Then today I was browsing tourist information for France when one of the sites blew my computer up with what appeared to be a fake Spyware removal utility which kept asking me to get the full version to be able to do anything. It wouldn't allow me to connect to the internet with any browser, I couldn't close it, it was even blocking task manager and command prompt from running. I managed to block whatever it was while in safe mode but I know there must be a pile of spyware/malware garbage hanging out in the background.

Ran a free online Trendmicro scan with 'no results'. I'm not sure that tool is even worth using these days anyways. I'm out of the loop.

Posting my OTL logs. Geekier than me Geeks! Help please thank you! =)

-----------------------------

OTL logfile created on: 2011-04-04 15:34:03 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Melanie\Downloads
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 69,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,96 Gb Total Space | 4,57 Gb Free Space | 3,29% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,58 Gb Free Space | 65,84% Space Free | Partition Type: NTFS

Computer Name: MELANIE-PC | User Name: Melanie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-04-04 15:33:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Melanie\Downloads\OTL.exe
PRC - [2011-03-25 07:04:16 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-06-03 15:46:32 | 000,139,264 | ---- | M] (Rogers Cable Communications) -- C:\Program Files\Rogers\SelfHealing\RogersSelfHelpService.exe
PRC - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009-11-13 11:28:04 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009-06-16 08:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2009-05-15 09:57:18 | 000,067,456 | ---- | M] () -- C:\Program Files\Search Guard PlusU\sgpUpdaters.exe
PRC - [2009-05-06 10:32:08 | 000,730,496 | ---- | M] () -- C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
PRC - [2008-10-29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007-05-17 17:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe


========== Modules (SafeList) ==========

MOD - [2011-04-04 15:33:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Melanie\Downloads\OTL.exe
MOD - [2010-08-31 11:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010-06-03 15:46:32 | 000,139,264 | ---- | M] (Rogers Cable Communications) [Auto | Running] -- C:\Program Files\Rogers\SelfHealing\RogersSelfHelpService.exe -- (RogersSelfHelpService)
SRV - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009-11-13 11:28:04 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009-09-03 06:27:53 | 000,111,312 | ---- | M] (Radialpoint Inc.) [Disabled | Stopped] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe -- (Radialpoint Security Services)
SRV - [2009-06-16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009-02-27 22:51:18 | 000,363,248 | ---- | M] (Rogers) [Disabled | Stopped] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe -- (RP_FWS)
SRV - [2008-04-28 07:23:36 | 000,738,568 | ---- | M] (Raxco Software, Inc.) [Disabled | Stopped] -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine)
SRV - [2008-04-28 07:23:28 | 000,414,984 | ---- | M] (Raxco Software, Inc.) [Disabled | Stopped] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV - [2008-04-22 09:25:02 | 000,163,840 | ---- | M] (Rogers Cable Communications) [Disabled | Stopped] -- C:\Program Files\Rogers\Update Manager\RogersUpdateManager.exe -- (RogersUpdateManager)
SRV - [2008-01-19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-05-17 17:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)


========== Driver Services (SafeList) ==========

DRV - [2009-02-24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009-01-09 19:52:02 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008-06-26 13:23:08 | 000,147,984 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2008-06-26 13:23:08 | 000,112,144 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2008-05-06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008-04-25 06:38:22 | 000,071,184 | ---- | M] (Raxco Software, Inc.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2008-04-24 14:02:36 | 000,053,192 | ---- | M] (Radialpoint Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)
DRV - [2008-02-21 11:11:12 | 000,041,216 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Capt9052.sys -- (SQTECH9052)
DRV - [2007-05-03 12:21:08 | 000,029,056 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2007-04-29 04:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007-04-10 17:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2007-02-20 13:07:56 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006-11-02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.ca...=ca&ibd=0080416
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.tattoodle...758B49499}&v=12
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrows...?s=DEF&v=18&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
FF - prefs.js..browser.startup.homepage: "http://home.mywebsea...B-1EBCB2099A72"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://www.fastbrows...363173148A}&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-25 07:04:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-25 07:04:20 | 000,000,000 | ---D | M]

[2009-07-24 18:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melanie\AppData\Roaming\Mozilla\Extensions
[2011-04-04 15:35:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\309tdlpy.default\extensions
[2009-09-10 13:14:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\309tdlpy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-08-27 00:59:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\309tdlpy.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2010-11-30 21:06:18 | 000,010,078 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\309tdlpy.default\searchplugins\MyFunCardsbar.xml
[2011-02-14 14:19:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-09-26 10:16:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011-02-14 14:19:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010-11-12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011-03-03 17:19:05 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2011-03-03 17:19:05 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011-03-03 17:19:05 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009-08-27 00:59:25 | 000,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png
[2009-08-27 00:59:25 | 000,001,963 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.xml
[2011-03-03 17:19:05 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2011-03-03 17:19:05 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006-09-18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll (Conduit Ltd.)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (PopKill Class) - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Rogers Online Protection\Rogers Online Protection\pkR.dll (Rogers)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll (MTWB)
O2 - BHO: (Fast Browser Search Toolbar Helper) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll ()
O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll ()
O3 - HKLM\..\Toolbar: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (PHPNukeFR Toolbar) - {1C491116-C175-45E1-A570-6FB14FEA8B7B} - C:\Program Files\PHPNukeFR\tbPHPN.dll (Conduit Ltd.)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKCU..\Run: [\YUR1EE5.exe] File not found
O4 - HKCU..\Run: [\YUR254B.exe] File not found
O4 - HKCU..\Run: [\YUR26B2.exe] File not found
O4 - HKCU..\Run: [\YUR39C4.exe] File not found
O4 - HKCU..\Run: [\YUR4AA6.exe] File not found
O4 - HKCU..\Run: [\YUR64AB.exe] File not found
O4 - HKCU..\Run: [\YUR6576.exe] File not found
O4 - HKCU..\Run: [\YUR667F.exe] File not found
O4 - HKCU..\Run: [\YUR674A.exe] File not found
O4 - HKCU..\Run: [\YUR6769.exe] File not found
O4 - HKCU..\Run: [\YUR6778.exe] File not found
O4 - HKCU..\Run: [\YUR6834.exe] File not found
O4 - HKCU..\Run: [\YUR68DF.exe] File not found
O4 - HKCU..\Run: [\YUR69BA.exe] File not found
O4 - HKCU..\Run: [\YUR6A17.exe] File not found
O4 - HKCU..\Run: [\YUR6A27.exe] File not found
O4 - HKCU..\Run: [\YUR6A36.exe] File not found
O4 - HKCU..\Run: [\YUR6B5F.exe] File not found
O4 - HKCU..\Run: [\YUR6B9D.exe] File not found
O4 - HKCU..\Run: [\YUR6CB6.exe] File not found
O4 - HKCU..\Run: [\YUR6CF4.exe] File not found
O4 - HKCU..\Run: [\YUR6D52.exe] File not found
O4 - HKCU..\Run: [\YUR6D81.exe] File not found
O4 - HKCU..\Run: [\YUR6EB9.exe] File not found
O4 - HKCU..\Run: [\YUR6F64.exe] File not found
O4 - HKCU..\Run: [\YUR6FA3.exe] File not found
O4 - HKCU..\Run: [\YUR7010.exe] File not found
O4 - HKCU..\Run: [\YUR7222.exe] File not found
O4 - HKCU..\Run: [\YUR7242.exe] File not found
O4 - HKCU..\Run: [\YUR74F0.exe] File not found
O4 - HKCU..\Run: [\YUR7686.exe] File not found
O4 - HKCU..\Run: [\YUR7879.exe] File not found
O4 - HKCU..\Run: [\YUR7AF9.exe] File not found
O4 - HKCU..\Run: [\YUR7C.exe] File not found
O4 - HKCU..\Run: [\YUR7DE5.exe] File not found
O4 - HKCU..\Run: [\YUR8719.exe] File not found
O4 - HKCU..\Run: [\YUR8748.exe] File not found
O4 - HKCU..\Run: [\YUR89D7.exe] File not found
O4 - HKCU..\Run: [\YUR8C18.exe] File not found
O4 - HKCU..\Run: [\YUR8D21.exe] File not found
O4 - HKCU..\Run: [\YURA227.exe] File not found
O4 - HKCU..\Run: [\YURA311.exe] File not found
O4 - HKCU..\Run: [\YURAB4B.exe] File not found
O4 - HKCU..\Run: [\YURB98E.exe] File not found
O4 - HKCU..\Run: [\YURBAC6.exe] File not found
O4 - HKCU..\Run: [\YURC245.exe] File not found
O4 - HKCU..\Run: [\YURC3CB.exe] File not found
O4 - HKCU..\Run: [\YURC908.exe] File not found
O4 - HKCU..\Run: [\YURD29.exe] File not found
O4 - HKCU..\Run: [\YURD4FA.exe] File not found
O4 - HKCU..\Run: [\YURF1AE.exe] File not found
O4 - HKCU..\Run: [\YURFF7.exe] File not found
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7c650b66-cfcc-11df-8928-001d0994f0cd}\Shell - "" = AutoRun
O33 - MountPoints2\{7c650b66-cfcc-11df-8928-001d0994f0cd}\Shell\AutoRun\command - "" = "I:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{7c650dc8-cfcc-11df-8928-001d0994f0cd}\Shell - "" = AutoRun
O33 - MountPoints2\{7c650dc8-cfcc-11df-8928-001d0994f0cd}\Shell\AutoRun\command - "" = "I:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (PDBoot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-04-04 23:08:10 | 001,015,808 | ---- | C] (Defender Software) -- C:\Users\Melanie\AppData\Roaming\defender.exe
[2011-04-03 20:49:39 | 000,000,000 | ---D | C] -- C:\Users\Melanie\Documents\KIJIJI
[2011-03-20 08:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Convert MP4 to MP3
[2011-03-20 08:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\Convert MP4 to MP3
[2011-03-09 23:03:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011-03-09 23:00:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011-03-09 22:35:42 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

========== Files - Modified Within 30 Days ==========

[2011-04-04 23:08:10 | 001,015,808 | ---- | M] (Defender Software) -- C:\Users\Melanie\AppData\Roaming\defender.exe
[2011-04-04 15:30:51 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-04-04 15:30:51 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-04-04 15:23:29 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-04-04 15:23:25 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-04-04 15:23:25 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-04-04 15:23:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-04-04 15:23:12 | 3478,310,912 | -HS- | M] () -- C:\hiberfil.sys
[2011-04-04 15:08:38 | 000,000,653 | ---- | M] () -- C:\ProgramData\SHSupdates.xml
[2011-04-04 15:06:28 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011-04-04 15:01:47 | 2498,650,144 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2011-04-04 14:52:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-04-02 18:51:13 | 000,154,624 | ---- | M] () -- C:\Users\Melanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-04-02 09:23:59 | 000,054,136 | ---- | M] () -- C:\Users\Melanie\Desktop\bob-le-bricoleur-zoe-et-potimarron.gif
[2011-04-01 19:29:45 | 000,008,698 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\wklnhst.dat
[2011-03-29 22:33:28 | 000,000,000 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\45556xx.ini
[2011-03-25 17:52:50 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011-03-17 12:35:52 | 032,053,304 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2011-03-09 23:03:42 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

========== Files Created - No Company Name ==========

[2011-04-04 15:23:08 | 3478,310,912 | -HS- | C] () -- C:\hiberfil.sys
[2011-04-02 09:23:58 | 000,054,136 | ---- | C] () -- C:\Users\Melanie\Desktop\bob-le-bricoleur-zoe-et-potimarron.gif
[2011-03-29 22:33:28 | 000,000,000 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\45556xx.ini
[2011-03-09 23:03:42 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011-02-09 04:17:43 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011-02-09 04:17:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010-07-31 18:49:24 | 002,205,064 | ---- | C] () -- C:\ProgramData\shs_setup_4059-354328.exe
[2010-03-14 10:49:08 | 000,004,096 | -H-- | C] () -- C:\Users\Melanie\AppData\Local\keyfile3.drm
[2010-02-17 10:22:26 | 000,000,036 | ---- | C] () -- C:\Users\Melanie\AppData\Local\housecall.guid.cache
[2010-01-27 16:28:03 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010-01-27 16:28:03 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010-01-27 16:28:03 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010-01-27 16:28:03 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010-01-27 16:28:03 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010-01-27 16:28:03 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010-01-27 16:28:03 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010-01-27 16:28:03 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010-01-27 16:28:03 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010-01-27 16:28:03 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010-01-27 16:28:03 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010-01-27 16:28:03 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010-01-27 16:28:03 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010-01-27 16:28:03 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010-01-27 16:28:03 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010-01-27 16:28:03 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009-06-14 06:20:28 | 001,900,184 | ---- | C] () -- C:\ProgramData\shs_setup_4056-345359.exe
[2009-05-21 17:38:06 | 2498,650,144 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat
[2009-04-30 19:57:26 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008-11-12 04:02:56 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008-08-13 19:59:23 | 000,000,653 | ---- | C] () -- C:\ProgramData\SHSupdates.xml
[2008-06-18 07:04:04 | 000,005,216 | ---- | C] () -- C:\Users\Melanie\AppData\Local\d3d9caps.dat
[2008-05-22 18:22:18 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008-05-22 18:18:54 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008-04-27 09:32:47 | 000,008,698 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\wklnhst.dat
[2008-04-26 18:07:35 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2008-04-25 15:47:25 | 000,154,624 | ---- | C] () -- C:\Users\Melanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-04-16 13:12:39 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2008-04-16 13:12:39 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2008-04-16 13:12:39 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
[2008-04-16 13:12:39 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007-04-10 17:46:52 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2007-02-20 13:07:56 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2006-11-10 18:02:53 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006-11-02 08:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006-11-02 08:44:53 | 000,349,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006-11-02 06:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006-11-02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006-11-02 06:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006-11-02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006-11-02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006-11-02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006-11-02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006-11-02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006-11-02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003-01-07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== LOP Check ==========

[2009-12-13 14:11:29 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Ambient Design
[2011-03-30 07:55:00 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\BitTorrent
[2010-08-25 19:40:00 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Epson
[2010-03-13 09:52:54 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Facebook
[2009-11-22 22:49:49 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\LimeWire
[2008-04-28 19:05:52 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\ooVoo Details
[2009-03-19 15:38:43 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\OpenOffice.org
[2009-05-21 20:20:05 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Rogers Online Protection
[2008-04-27 14:53:58 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Template
[2010-11-23 07:14:27 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\uTorrent
[2010-10-08 21:02:54 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Western Digital
[2011-04-04 15:03:23 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Melanie\Documents\holiday season2009 034.MPG:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Melanie\Documents\holiday season2009 033.MPG:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Melanie\Desktop\Wall-E.mp4:TOC.WMV

< End of report >


OTL Extras logfile created on: 2011-04-04 15:34:03 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Melanie\Downloads
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 69,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,96 Gb Total Space | 4,57 Gb Free Space | 3,29% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,58 Gb Free Space | 65,84% Space Free | Partition Type: NTFS

Computer Name: MELANIE-PC | User Name: Melanie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2640B20B-A9C7-4607-81B3-8B4092BADAEE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E50E0223-D960-4AA2-918D-F71CF2DEAA60}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B54B19-F8E4-4A3A-A06C-F3CC88B1FF2E}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{2C836979-5C1B-42C7-88AA-AF17E9946D38}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{3753BECB-779E-4130-9AC9-5A138487FAAE}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{4228C98F-3784-49B0-A9D2-E6E84AD5452E}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{43C0B8F8-8EC8-4942-B2DA-32ABA5DE11F9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{47FDEF31-4D12-4403-B275-4C9F7C228AAC}" = protocol=17 | dir=in | app=c:\users\melanie\desktop\utorrent.exe |
"{4B62209B-FBF8-4BE9-A68F-5B1EE0DC65DF}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{610A4100-DD5F-40E6-A897-95AB81ECD074}" = protocol=6 | dir=in | app=c:\users\melanie\desktop\utorrent.exe |
"{63283036-BEE2-43B9-B305-396D131FA422}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"{65297A07-9208-4138-AE7F-4A489C61B8DD}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{65879EE1-E485-4532-A306-12CDEB84207E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{76C2B1C7-2660-40C0-A70C-00A55499FEE7}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{8CA97058-A1D7-4B0F-A7CF-11F03841910B}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"{9559DCA5-A507-4E13-90E6-1A575977CC23}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{9F896CB7-1F4F-4906-98DF-36605EA0E97D}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{A66A2D7D-51CD-41E9-994E-A9A989247FBB}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{A6838361-3033-46A0-A0F5-6EF71486DFAB}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{ABD6C64B-D68D-4741-97C6-35D03030C921}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B3EF3622-C07A-4AF5-AE47-F20C57EEA35E}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"TCP Query User{26053212-B2FC-4B49-BEFA-F7F228B995F2}C:\users\melanie\appdata\local\temp\wzse0.tmp\symnrt.exe" = protocol=6 | dir=in | app=c:\users\melanie\appdata\local\temp\wzse0.tmp\symnrt.exe |
"UDP Query User{2DE00B55-050C-4BDF-9A1C-112E6D97A764}C:\users\melanie\appdata\local\temp\wzse0.tmp\symnrt.exe" = protocol=17 | dir=in | app=c:\users\melanie\appdata\local\temp\wzse0.tmp\symnrt.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{{598D99F7-B97C-424F-B899-69B339336411}}" = Disney Micro
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0CA6047C-D28B-4295-834A-07C52BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
"{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}" = Menus intelligents (Windows Live Toolbar)
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1733360D-6EE0-42F9-9B03-1072D5CD8179}" = ArcSoft Print Creations
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B1B3FC3-5D41-42B6-85B1-27223246E438}" = RPS Zip
"{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{212F5777-1190-4DEF-8E4D-6B2F313B45E7}" = PerfectDisk
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{230B83A5-7D88-4B95-B71E-F44C0C78B002}" = Windows Live Movie Maker
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 23
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2F1074A4-B6D4-4C4D-A728-C1EADDB188D9}" = RPS Security Cleanup
"{300B9E83-E406-4DF7-8A21-E8A90E4F8B91}_is1" = Convert DVD to AVI 1.1
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{30CEB667-A649-4BB7-AB1B-52BCC5C0D86C}" = ArtRage 2 Starter Edition
"{316CDA1E-4760-4772-94B0-0FFC56D85700}" = RPS CRT
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{3AB59D99-F209-4705-96A0-304C53D88958}" = RPS RpsCore
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{426B3380-B8F7-4A69-9838-B1A8237F0B00}" = RPS Burn
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online
"{5067397A-2935-4290-AE14-1BE2863B00A3}_is1" = Convert MP4 to MP3 1.5
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{598D99F7-B97C-424F-B899-69B339336411}" = Disney Micro
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63AFACBC-4795-4A1B-8037-5085DC03FC54}" = Microsoft LifeCam
"{65601901-7C80-4C4D-A4C8-566D9957C0F7}" = SmartFTP Client
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6709A989-F0AC-43E5-9DE8-4100A85715BD}" = RPS Ad Blocker
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6860B340-530D-46B3-91F8-1AE1F70F7C33}" = OpenOffice.org 3.0
"{68F129E0-EF23-4CCE-A03F-B2C1A6DC9013}" = Rogers Online Protection
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5F989B-D61A-48BF-B860-3EB95600155F}" = RPS Firewall
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.11.0
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites pour Windows Live Toolbar
"{7AE58266-B58D-44D8-A0CB-E83F01B67C6B}" = Disney Pix Micro Downloader
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81B5F83F-2291-48B0-8375-36B63A9BF5B0}" = Surligneur (Windows Live Toolbar)
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = DB CIF Cam
"{8784867F-AA3D-4258-837C-0DC6EBAFDB5E}" = RPS Ksdk
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{94570A74-CA05-43A7-9B1E-38142CDDE93B}" = RPS AntiVirus
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints
"{97F7C9CE-5C2A-4095-9BC5-3AA6A49F191B}" = RPS Performance Tool
"{9D6524E6-15CF-4852-BF70-04FE973A3DE1}" = Windows Live Toolbar
"{9FA93155-472F-4778-87A8-95244FD1535D}" = OLYMPUS Master 2
"{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AE68FB75-1887-48E8-95D9-6A2571CBC2EF}" = RPS ParentalControl
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C96AA12B-D119-4093-95B3-8AC44D38BED8}" = RPS Privacy Manager
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFAC9887-F0FA-408D-BACE-8009A16C2E0D}" = RPS AntiSpyware
"{D5520D44-B1D7-4D38-A9FF-23B0137CC71E}" = RPS AntiFraud
"{DD188FB1-263D-4602-9608-7CABFEA6E25F}" = RPS Backup
"{DD1DDD99-D225-40CD-9433-44667C7ABD3F}" = Disney Pix 2.2
"{DE39E9CB-637B-45B4-B7D6-4842F3988871}" = RPS App Detector
"{E15329B7-99DB-4A2E-A6FC-68699A957264}" = RPS Diagnostic Utility
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{F88B38F4-1A34-4F7F-B2F7-9CA78F209BB0}" = RPS PopupBlocker
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BitTorrent" = BitTorrent
"Caricatures PRO_is1" = Caricatures PRO [4.4.0.1]
"EPSON Artisan 700 Series" = EPSON Artisan 700 Series Printer Uninstall
"EPSON Scanner" = EPSON Scan
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"LimeWire" = LimeWire PRO 4.16.6
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.5.18)" = Mozilla Firefox (3.5.18)
"Photo Viewer" = Photo Viewer V2.08
"PHPNukeFR Toolbar" = PHPNukeFR Toolbar
"PokerStars" = PokerStars
"PROSetDX" = Intel® PRO Network Connections 12.1.11.0
"RadialpointClientGateway_is1" = Rogers Servicepoint Agent 2.0.21
"Rogers Self Help Software" = Rogers Self Help Software
"Rogers Update Manager" = Rogers Update Manager
"Search Guard Plus" = Search Guard Plus (My Tattoons)
"Search Guard Plus Updater" = Search Guard Plus Updater (My Tattoons)
"SmartFTP Client 4.0 Setup Files" = SmartFTP Client 4.0 Setup Files (remove only)
"Smilies" = Smilies
"TBSB07183.TBSB07183Toolbar" = Fast Browser Search (My Tattoons)
"The Rosetta Stone" = The Rosetta Stone
"VLC media player" = VLC media player 1.0.5
"VMidi" = vanBasco's Karaoke Player
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = WinRAR archiver
"Yahoo! Applications" = Rogers Yahoo! Applications

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2009-08-27 21:08:47 | Computer Name = Melanie-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.16890 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1478 Start Time: 01ca277bcc079fc0 Termination Time: 31

Error - 2009-08-27 21:22:41 | Computer Name = Melanie-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.16890 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1574 Start Time: 01ca277de3ce02a0 Termination Time: 31

Error - 2009-08-28 08:43:12 | Computer Name = Melanie-PC | Source = EventSystem | ID = 4621
Description =

Error - 2009-08-28 23:23:36 | Computer Name = Melanie-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.16890 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 298 Start Time: 01ca2837d7637824 Termination Time: 296

Error - 2009-08-30 19:43:27 | Computer Name = Melanie-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16890, time stamp
0x4a619d6d, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,
exception code 0xc0000374, fault offset 0x000af1c9, process id 0x8cc, application
start time 0x01ca29c76452335b.

Error - 2009-08-31 07:57:56 | Computer Name = Melanie-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.16890 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1254 Start Time: 01ca2a30dbd2f15b Termination Time: 78

Error - 2009-08-31 18:47:18 | Computer Name = Melanie-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.16890 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 123c Start Time: 01ca2a8350e609db Termination Time: 0

Error - 2009-08-31 21:35:12 | Computer Name = Melanie-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.16890 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1754 Start Time: 01ca2a8d1c934f3b Termination Time: 764

Error - 2009-08-31 23:14:43 | Computer Name = Melanie-PC | Source = EventSystem | ID = 4621
Description =

Error - 2009-09-02 18:02:35 | Computer Name = Melanie-PC | Source = Application Error | ID = 1000
Description = Faulting application ieuser.exe, version 6.0.6000.16890, time stamp
0x4a619d65, faulting module msvcrt.dll, version 7.0.6000.16386, time stamp 0x4549bd61,
exception code 0xc0000005, fault offset 0x00009b20, process id 0x928, application
start time 0x01ca2b77618ad66d.

[ System Events ]
Error - 2011-04-04 15:17:55 | Computer Name = Melanie-PC | Source = DCOM | ID = 10005
Description =

Error - 2011-04-04 15:18:04 | Computer Name = Melanie-PC | Source = DCOM | ID = 10005
Description =

Error - 2011-04-04 15:18:07 | Computer Name = Melanie-PC | Source = DCOM | ID = 10005
Description =

Error - 2011-04-04 15:18:07 | Computer Name = Melanie-PC | Source = DCOM | ID = 10005
Description =

Error - 2011-04-04 15:18:07 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 2011-04-04 15:18:07 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 2011-04-04 15:18:40 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 2011-04-04 15:18:41 | Computer Name = Melanie-PC | Source = DCOM | ID = 10005
Description =

Error - 2011-04-04 15:18:41 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 2011-04-04 15:23:23 | Computer Name = Melanie-PC | Source = HTTP | ID = 15016
Description =


< End of report >
  • 0

Advertisements

#2
StonerMonkey
Posted 05 April 2011 - 01:20 PM

StonerMonkey

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Is my mess too confusing? lol

**edit sorry missed the suggestion about not bumping posts

Edited by StonerMonkey, 05 April 2011 - 06:50 PM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP